1.1 The vulnerability exists due to improper handling of URI length within the "HttpUtils.dll" dynamic-link library. A remote attacker can send a specially crafted HTTP GET request of 161, 257 or 255 characters long to 30888/TCP port (default TVMOBiLi's server port) and cause a stack-based buffer overrun that will crash tvMobiliService service.

1.2 The vulnerability exists due to improper handling of URI length within the "HttpUtils.dll" dynamic-link library. A remote attacker can send a specially crafted HTTP HEAD request of 255, 257 or 260 characters long to 30888/TCP port and cause a stack-based buffer overrun that will crash tvMobiliService service.